ハッキングされています。nmapの結果貼ります
ハッキングされているようです。
自分で解決できるかやってみましたが、1日2日では
できそうもないのでここからどう対策したらいいか
教えてください。
Windows7homeです。
気が付いてからbacktrackをインストールしてnmapした結果です。
Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2012-01-19 21:06 JST
NSE: Loaded 87 scripts for scanning.
NSE: Script Pre-scanning.
Initiating Ping Scan at 21:06
Scanning 192.168.56.1 [4 ports]
Completed Ping Scan at 21:06, 0.01s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 21:06
Completed Parallel DNS resolution of 1 host. at 21:06, 0.06s elapsed
Initiating SYN Stealth Scan at 21:06
Scanning 192.168.56.1 [1000 ports]
Discovered open port 80/tcp on 192.168.56.1
Discovered open port 554/tcp on 192.168.56.1
Discovered open port 139/tcp on 192.168.56.1
Discovered open port 445/tcp on 192.168.56.1
Discovered open port 135/tcp on 192.168.56.1
Discovered open port 443/tcp on 192.168.56.1
Discovered open port 2869/tcp on 192.168.56.1
Discovered open port 49153/tcp on 192.168.56.1
Discovered open port 10243/tcp on 192.168.56.1
Discovered open port 5357/tcp on 192.168.56.1
Discovered open port 49152/tcp on 192.168.56.1
Discovered open port 49157/tcp on 192.168.56.1
Discovered open port 49154/tcp on 192.168.56.1
Discovered open port 49156/tcp on 192.168.56.1
Completed SYN Stealth Scan at 21:06, 4.21s elapsed (1000 total ports)
こちらがWindowsファイアウォールなどの対策を試みたあと
解放されていたポートが変更された部分です。
Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2012-01-20 16:35 JST
NSE: Loaded 87 scripts for scanning.
NSE: Script Pre-scanning.
Initiating Ping Scan at 16:35
Scanning 192.168.56.1 [4 ports]
Completed Ping Scan at 16:35, 0.04s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 16:35
Completed Parallel DNS resolution of 1 host. at 16:35, 1.20s elapsed
Initiating SYN Stealth Scan at 16:35
Scanning 192.168.56.1 [1000 ports]
Discovered open port 554/tcp on 192.168.56.1
Discovered open port 135/tcp on 192.168.56.1
Discovered open port 443/tcp on 192.168.56.1
Discovered open port 80/tcp on 192.168.56.1
Discovered open port 445/tcp on 192.168.56.1
Discovered open port 139/tcp on 192.168.56.1
Discovered open port 1025/tcp on 192.168.56.1
Discovered open port 5357/tcp on 192.168.56.1
Discovered open port 1026/tcp on 192.168.56.1
Discovered open port 10243/tcp on 192.168.56.1
Discovered open port 1030/tcp on 192.168.56.1
Discovered open port 1027/tcp on 192.168.56.1
Discovered open port 2869/tcp on 192.168.56.1
Discovered open port 1029/tcp on 192.168.56.1
Completed SYN Stealth Scan at 16:35, 4.08s elapsed (1000 total ports)
たぶんバックドアではないかと思いますが、どのアプリが
それを起動しているのかは発見出来てません。
対応策ありましたら教えてください。
